<?php
/**
 * @CopyRight  (C)2006-2011 LiangJing Development team Inc.
 * @WebSite    www.liangjing.org www.asp99.cn
 * @Author     Liangjing.org <asp3721@hotmail.com>
 * @Brief      liangjingcms v1.x
 * @Update     2011.09.11
 * @Id         单页
**/
session_start();
require_once '../source/core/run.php';

$action		= Core_Fun::rec_get("uiaction");

if($action=="register")
{

  Adduser();
}


function Adduser(){

	global $db;

	$loginname	= Core_Fun::rec_get('usename');
	$password	= Core_Fun::rec_get('password');
	$usergroupid= 1;
	$flag		= 1;
	$checkcode		= Core_Fun::rec_get('checkcode');
	$founderr	= false;

   if(!Core_Fun::ischar($checkcode)){
		$founderr	= true;
	}else{
		if($checkcode != $_SESSION["verifycode"]){
			$founderr	= true;
		}
	}

	if(!Core_Fun::ischar($loginname)){
	    $founderr	= true;

	}else{
		if(!Core_Fun::check_userstr($loginname)){
			$founderr	= true;
		}
	}
	if(!Core_Fun::ischar($password)){
		$founderr	= true;
	}



if($founderr == true)
{

echo("usernameerror");

}
else 
{

if(!($db->checkdata("SELECT userid FROM ".DB_PREFIX."user WHERE lower(loginname)='".strtolower($loginname)."'"))){
		$userid	= $db->fetch_newid("SELECT MAX(userid) FROM ".DB_PREFIX."user",1);
		$password	= md5($password);
		$array	= array(
			'userid'=>$userid,
			'loginname'=>$loginname,
			'password'=>$password,
			'usergroupid'=>$usergroupid,
			'flag'=>$flag,
			'regdate'=>time(),
	    );
		$result = $db->insert(DB_PREFIX."user",$array);
		if($result){ 
		echo("success");
		myuserlogin($loginname,$password);
		}else{
	   echo("error");
		}

	}
	else
    {
	$youstring="youerror";
	echo(trim($youstring));
	}



	}

}





function myuserlogin($username,$password){
		global $db;
		$username = Core_Fun::replacebadchar($username);
		$md5password =$password;
		$sql  = "SELECT a.*,g.grupname,g.level,g.gpurview".
			    " FROM ".DB_PREFIX."user AS a".
			    " LEFT JOIN ".DB_PREFIX."usergroup AS g ON a.usergroupid=g.usergroupid".
			    " WHERE 1=1 and lower(a.loginname)='".strtolower($username)."' AND a.password='$md5password'";
		$rows = $db->fetch_first($sql);
		if($rows){
            $_SESSION["USERID"]=$rows['userid'];
			$_SESSION["USERNAME"]=$username;
			$_SESSION["usergroupname"]=$rows['grupname'];
			$_SESSION["gpurview"]=$rows['gpurview'];
			$_SESSION["USERLEVEL"]=$rows['level'];
			$_SESSION["pointnum"]=$rows['pointnum'];
			$_SESSION["lastlogindate"]=$rows['lastlogindate'];
		    $array  = array(
					'lastlogindate'=>time(),
					'pointnum'=>'[[pointnum+1]]',
					'lastloginip'=>Core_Fun::getip(),
				);
		$db->update(DB_PREFIX."user",$array,"loginname='$username'");

		}
	}





?>




